89350ac67a9c67290676a3306a88a59c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89350ac67a9c67290676a3306a88a59c_JaffaCakes118
Size

299KB
MD5

89350ac67a9c67290676a3306a88a59c
SHA1

75b039c12fd397ef68bdcaf41e66d5297fddb833
SHA256

a3a65583aafb991898312bd71613edc02f097b3cc645b76a68e58b6fb21c7626
SHA512

df20d5749543279064464bd2dd362b6631e7f5d7cc30ba0478d9a66403e403a8f0482f584b18e82140b3355f0f82a6cddc0f9aa2ee9791723bba717645db4850
SSDEEP

6144:H7RU/WUmIkHtEeo32zmZLULwv7Ge4YFb9HQXTTjpuaYv:H7RuWdIyozVIeLl9wXnFuN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89350ac67a9c67290676a3306a88a59c_JaffaCakes118

Files

89350ac67a9c67290676a3306a88a59c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edf46c2f53bc0b39349e33b3cbdaa5a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
CreateProcessA
HeapCreate
GetSystemTime
GetCurrentDirectoryA
CloseHandle
GetComputerNameA
LoadLibraryExA
GetModuleHandleA
LocalFree
Sleep
LocalUnlock
PulseEvent
CreateThread
SetEvent
CreateFileA
lstrlenA
SetLastError
GetTickCount
UnmapViewOfFile

user32

DrawEdge
FillRect
IsWindow
DrawMenuBar
GetScrollBarInfo
CreateWindowExA
GetDlgItem
CheckRadioButton
GetKeyState
DispatchMessageA
CallWindowProcA
SetFocus
GetDC

clbcatq

SetupOpen
SetSetupSave
CheckMemoryGates
ComPlusMigrate
DllGetClassObject

inetcpl.cpl

OpenFontsDialog

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ